 |
Workshop on PCI/DSS v1.2
The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements developed to reduce credit card fraud and increase data security. This industry standard affects every company that deals with card payment transactions. The PCI DSS requires companies to:
- Build and maintain secure network architecture
- Demonstrate that cardholder data security programmes are in place
- Maintain a vulnerability management programme
- Implement strong access restriction measures
- Peform regular security risk assessment and monitoring
- Maintain an information security policy
 Who Should Attend?
- Managers overseeing PCI/DSS compliance
- External auditors performing PCI/DSS validation
- Security professionals operating in a PCI/DSS compliant environment
- Internal auditors desiring to validate interim compliance
- CTO’s & CIO’s
- Network Administrators
Course Outline:
Introduction to PCI DSS V 1.2
- What is PCI DSS
- Who are the ‘Participating Organizations ‘
- Who must comply and why one must comply with PCI DSS
- What are the Risk and consequences of non-compliance
Compliance Process
- Understanding the requirements of PCI DSS
- Understanding the differences between PCI DSS 1.1 and 1.2
- Understanding ‘Scoping ‘
- Understanding the ‘Self Assessment Questionnaire (SAQ)’
- Understanding Report on Compliance for PCI DSS
- Understanding the overall Compliance Process
Model Approach for achieving full Compliance
- Implementing a Risk program
- Developing Policies and Procedures
- Vulnerability Assessment
- Penetration Testing / Application Security Testing
- Technical Audits
- Network Security Reviews
Duration: 10 Hours
|
|
|
